Knowledge

Glossary — technical terms explained.

Short and clear: the key terms around AI/GEO, WordPress, performance, security and data protection — each with a link to the relevant page.

In short

This glossary explains the technical terms that appear on Forge12's pages — from E-E-A-T, GEO and MCP through Core Web Vitals and WAF to GDPR and DPA. Each term is explained in one or two sentences and links to the relevant page.

AI, GEO & the agent web

E-E-A-T

E-E-A-T stands for Experience, Expertise, Authoritativeness and Trust — Google's framework for judging content quality. Pages with clear author and brand signals, demonstrated topic depth and trust markers are preferred.

Explained in depthLearn more

GEO (Generative Engine Optimization)

GEO, also called AI SEO, is optimizing content to be cited in the answers of AI engines like ChatGPT, Google AI Overviews, Gemini and Perplexity — instead of just ranking in classic search. Levers are citable answer-first content, structured data and topic authority.

Explained in depthLearn more

Agentic Commerce

Agentic commerce means online trade in which AI agents research, compare and buy on behalf of customers. For a shop to take part it must be machine-readable: structured product data, feeds and agent-ready interfaces such as MCP.

Explained in depthLearn more

MCP (Model Context Protocol)

MCP is an open standard (originally by Anthropic) through which AI agents access data, tools and catalogs in a structured way. An MCP server exposes this data so an agent queries it instead of guessing a website from HTML.

Explained in depthLearn more

llms.txt

llms.txt is a simple file in a website's root that tells AI systems which content and endpoints are relevant — including hints to structured data or an MCP server. It is part of the agent-ready basics.

Explained in depthLearn more

Web Bot Auth

Web Bot Auth is a method by which automated clients (AI agents, crawlers) cryptographically identify themselves to a website (based on HTTP Message Signatures, RFC 9421). This lets you selectively allow good, verified agents and block malicious bots.

Explained in depthLearn more

RAG (Retrieval-Augmented Generation)

RAG is a method where an AI model bases its answers on specifically retrieved, own content (e.g. a knowledge base) instead of generating freely. This reduces hallucinations — the chatbot answers verifiably from your sources.

Explained in depthLearn more

AI-Ready / Agent-Ready

AI-ready (or agent-ready) describes a website that is readable and actionable not only for humans but also for AI agents and answer engines: structured data, answer-first content, llms.txt and machine-readable interfaces.

Learn more

Answer-first / AnswerCapsule

Answer-first means answering a question directly and entity-named in the first sentence before details follow. AI engines pick up such citable passages particularly easily — the basis for good GEO visibility.

Learn more

Schema.org / strukturierte Daten

Schema.org is a vocabulary for structured data (usually JSON-LD in the page head) that explains the meaning of content to search engines and AI engines in a machine-readable way — e.g. product, FAQ, organization or author. The basis for rich results and AI citability.

Learn more

WordPress, web & performance

Core Web Vitals

Core Web Vitals are Google's metrics for a page's user experience: loading (LCP), interactivity (INP) and visual stability (CLS). They are a ranking factor — poor values cost visibility and conversion.

Explained in depthLearn more

WAF / Web Application Firewall

A WAF (web application firewall) checks incoming requests and blocks malicious ones before they reach the application — such as brute force, bot attacks and the exploitation of known gaps. For WordPress it is the baseline protection.

Learn more

Hardening (Härtung)

Hardening means deliberately securing an installation beyond the default configuration: login protection, secure file permissions, disabled attack surfaces and two-factor authentication. It reduces the attack surface before anything happens.

Learn more

Backdoor

A backdoor is hidden code that gives an attacker permanent access — independent of the visible infection. If a cleanup removes only the visible malware but not the backdoor, the site is usually reinfected within days.

Learn more

phpass / $P$-Hash

phpass is the portable password hashing scheme WordPress uses; the resulting value starts with $P$ and sits in the database column wp_users.user_pass. Knowing the hash lets you set a password directly in the database — useful when you're locked out.

Learn more

LTS (Long Term Support)

LTS (Long Term Support) refers to a software version with an especially long support window during which it receives security updates — e.g. in TYPO3. Once an LTS version runs out of support there are no more patches; a timely upgrade is essential.

Learn more

Staging-Umgebung

A staging environment is a private, production-like test copy of a website. Updates and changes are verified there before going live — so a plugin update doesn't break the real site unnoticed.

Learn more

Cache / Page-Cache

A cache stores already-generated results so they aren't recomputed on every request. A page cache serves ready-made HTML pages and speeds up WordPress significantly — one of the most effective performance levers.

Learn more

301-Redirect

A 301 redirect is a permanent redirect from an old URL to a new one. In a relaunch or migration, a clean redirect concept preserves rankings because search engines transfer the signals of the old URL to the new one.

Learn more

Produktkonfigurator vs. variable Produkte

A product configurator computes the combinations of options (color, size, material …) at runtime and shows a live price and preview. Variable products instead create each combination as its own variant — which from a few options leads to an unmaintainable variant explosion.

Learn more

Entropie (Passwort)

Entropy measures how random and thus how hard to guess a password is — expressed in bits. Each additional random character increases entropy; from about 70–100 bits a password is considered very strong and practically impossible to brute-force.

Learn more

Legal, security & operations

DSGVO / GDPR

The GDPR (General Data Protection Regulation) is the EU's data protection law. For websites this means, among other things: process personal data sparingly and purpose-bound, host in the EU where possible and integrate third-party services (e.g. captcha, chat, analytics) in a compliant way.

Learn more

AVV (Auftragsverarbeitungsvertrag)

A DPA (data processing agreement, German AVV) is the contract required under GDPR Art. 28 between you and a provider that processes personal data on your behalf. It governs the purpose, scope and protection of the processing.

Learn more

APR1 / htpasswd

A .htpasswd file stores a username and password hash for HTTP basic authentication (e.g. Apache). The common format is APR1/MD5 (lines of the form user:$apr1$…) that Apache creates with htpasswd -m.

Learn more

HTTP-Basic-Authentifizierung

Basic auth is a simple server-level access protection: the browser asks for a username and password before showing content. Handy for staging environments and internal tools — configured via .htaccess and a .htpasswd file.

Learn more

SLA (Service Level Agreement)

An SLA (service level agreement) defines committed service levels — such as the guaranteed response time to a request. Important: the response time is the time to the first reply, not to the resolution.

Learn more

Forge12

Forge12 (full name: Forge12 Interactive GmbH) is a German software studio and agency from Donaueschingen: WordPress, WooCommerce, TYPO3 and custom software, plus its own products (plugins and the SaaS SilentShield and SilentChat). Senior-led, GDPR-compliant, EU-hosted.

Learn more